Bug#870109: out-of-bounds read with the MNG CLIP chunk.

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 commit

Bug#870110: CVE-2017-11538: Memory-Leak in WriteOnePNGImage() coders/png.c #569

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 forwarded:

Bug#870108: memory leak in ReadOneJNGImage #550

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1

Bug#870106: heap buffer overflow in ReadOneMNGImage

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 forwarded:

Bug#870107: memory exhaustion in ReadOneJNGImage in png.c

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 forwarded:

Bug#870105: Lack of validation of png file

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 Validate png

Bug#870067: CVE-2017-11640

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 forwarded:

Bug#870065: CVE-2017-11639

2017-07-29 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb9u1 forwarded:

Bug#870021: memory leak in mat coder upstream 617

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870023: memory leak in mat coder (upstream 624)

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870022: memory leak in mat coder (upstream 616)

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870020: assertion failed in DestroyImage due to mat coder

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870019: assertion failed in DestroyImageInfo in mat coder

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870016: retitle

2017-07-28 Thread Bastien ROUCARIES
contro:: retitle -1 CVE-2017-11644

Bug#870017: memory leak in mat file handler

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870015: memory leak in ReadMATImage

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870016: Memory-Leak in ReadMATImage()

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870014: assertion failed in DestroyImageInfo

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#870013: Memory leak in mat coder

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 A memory leak in mat file could be triggerd by a

Bug#870012: use of uninitialized data in ImageMagick/coders/mat.c

2017-07-28 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-13 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#869713: done:

2017-07-28 Thread Bastien ROUCARIES
version: 8:6.9.7.4+dfsg-13 Patch queue contain: commit 68ec95456c0bf6335579285341493c47f07b32f8 Author: Cristy Date: Thu Jul 6 06:13:54 2017 -0400 wmf file memory leak in CloneDrawInfo The function CloneDrawInfo in draw.c allows attackers to cause a

Bug#869834: CVE-2017-11533: heap buffer overflow in uil coder

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#869831: CVE-2017-11536 memory leak in jp2 coder

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#869830: [imagemagick] lack of validation for jp2 format

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 Fixed by commit

Bug#869827: CVE-2017-11535: heap based overflow in ps.c

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#869796: Fix a leak in mpc file due to corrupted profiles

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 forwarded:

Bug#869791: Memory leak for convert logo: logo.mpc

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 Both commit fix

Bug#869769: memory leak in enhance.c

2017-07-26 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869728: Avoid a crash for mpc coder

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869727: Memory exhaustion in mpc coder

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869726: CVE-2017-11532: memory leak in coders/mpc.c.

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869725: CVE-2017-11531: Memory Leak in coders/histogram.c.

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#867748: Does not affect imagemagick 6 at least some version

2017-07-25 Thread Bastien ROUCARIES
Hi, It seems that this bug does not affect unstable/testing/stable. Could you check for oldstable ? See upstream comments

Bug#869722: Imagemagick: memory leak in quantize

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869721: Imagemagick: memory leak in WritePALMImage #574

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869715: [imagemagick] use after free in ReadWMFImage #555

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869713: [imagemagick] memory leak in CloneDrawInfo #544

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869712: CVE-2017-11537: palm fpe

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869711: CVE-2017-11534: wmf memory leak

2017-07-25 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#869210: endless loop in ReadTXTImage

2017-07-21 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.9.7.4+dfsg-11+deb9u1 control: found -1 8:6.8.9.9-5+deb8u10 control: found -1

Bug#869209: [imagemagick] Null-Point reference in WriteOnePNGImage

2017-07-21 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-12 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.9.7.4+dfsg-11+deb9u1 control: found -1 8:6.8.9.9-5+deb8u10 control: found -1

Bug#796562: lintian: Please identify lack of sanitation compiler/linker flags

2017-07-20 Thread Bastien Roucaries
Le 20 juillet 2017 08:02:41 GMT+02:00, intrigeri a écrit : >Control: retitle -1 Please identify lack of UBSAN compiler/linker flags > >Jakub Wilk: >> Relevant thread on oss-security: >> http://www.openwall.com/lists/oss-security/2016/02/17/9 > >Right, I was aware of this

Bug#846009: look for FIX_MEs in control and copyright created by npm2deb

2017-07-18 Thread Bastien ROUCARIES
On Sat, Jul 15, 2017 at 12:02 PM, Chris Lamb wrote: > Hi Bastien, > >> > Thanks for your review. Whilst I am aware of such algorithms, could you >> > elaborate on what you mean in concrete terms here? >> >> see sub full_text_check function > > I see. That way I'm not sure we get

Bug#846009: look for FIX_MEs in control and copyright created by npm2deb

2017-07-15 Thread Bastien ROUCARIES
On Fri, Jul 14, 2017 at 9:36 PM, Chris Lamb wrote: > Hi Bastien, > >> > >> > https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=7319953bad3ae5e0e15f778a7ed19dd20241b77c >> >> Did you consider to use the sliding windows algo ? > > Thanks for your review. Whilst I am

Bug#846009: look for FIX_MEs in control and copyright created by npm2deb

2017-07-14 Thread Bastien ROUCARIES
On Tue, Jul 11, 2017 at 11:44 PM, Chris Lamb wrote: > tags 846009 + pending > thanks > > Fixed in Git: > > > https://anonscm.debian.org/git/lintian/lintian.git/commit/?id=7319953bad3ae5e0e15f778a7ed19dd20241b77c Did you consider to use the sliding windows algo ? Bastien > >

Bug#867897: [imagemagick] avoid a memory leak during screenshot

2017-07-10 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#867894: [imagemagick] Avoid heap based overflow for jpeg

2017-07-10 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#867893: [imagemagick] clear jpeg memory in order to avoid data leak

2017-07-10 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#867896: [imagemagick] enable heap overflow check for stdin for mpc files

2017-07-10 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: serious Tags: security upstream X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#867826: CPU exhaustion in ReadOneDJVUImage

2017-07-09 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1

Bug#867824: CPU exhaustion in ReadOneJNGImage

2017-07-09 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1

Bug#867825: [imagemagick] CPU exhaustion in ReadOneMNGImage

2017-07-09 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1

Bug#867823: memory leak in ReadMATImage in mat.c

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867821: memory exhaustion in ReadEPTImage in ept.c

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867812: [imagemagick] memory exhaustion in ReadDPXImage in dpx.c

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867811: [imagemagick] memory leak in ReadDIBImage in dib.c

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867810: [imagemagick] memory exhaustion in ReadCINImage

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867808: [imagemagick] CPU exhaustion in ReadRLEImage

2017-07-09 Thread Bastien ROUCARIES
Source: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1

Bug#867806: [imagemagick] CPU exhaustion in ReadDPXImage

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream X-Debbugs-CC: t...@security.debian.org X-Debbugs-CC: Salvatore Bonaccorso control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14

Bug#867798: assertion failed in WriteBlob

2017-07-09 Thread Bastien ROUCARIES
Source: imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security upstream Forwarded: https://github.com/ImageMagick/ImageMagick/issues/506 On version: ImageMagick 7.0.5-10 , a crafted file revealed an assertion failure in blob.c. Will report a CVE

Bug#867721: CVE-2017-9501

2017-07-08 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-11 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#864653: ITP: node-stream-http -- Streaming http in the browser

2017-06-12 Thread Bastien ROUCARIES
Package: wnpp Severity: wishlist Owner: ro...@debian.org X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-stream-http Version : 2.7.1 Upstream Author : John Hiesey * URL : https://github.com/jhiesey/stream-http#readme * License : Expat

Bug#588537: Patch to test

2017-06-04 Thread Bastien ROUCARIES
control: tags -1 + moreinfo Hi Could you test the following patch ? Description: Disable descend path in screenshot If a compositing manager is running the manually pieced together screenshot taken by using this path might not actually match what's being displayed on screen. --- The

Bug#864090: CVE-2017-9409: the ReadMPCImage function in mpc.c allows attackers to cause a denial of service (memory leak) via a crafted file.

2017-06-04 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#864087: CVE-2017-9405: the ReadICONImage function in icon.c:452 allows attackers to cause a denial of service (memory leak) via a crafted file.

2017-06-04 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#864089: CVE-2017-9407: the ReadPALMImage function in palm.c allows attackers to cause a denial of service (memory leak) via a crafted file.

2017-06-04 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.8.9.9-5+deb8u9 control: found -1 8:6.7.7.10-5+deb7u14 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-06-04 Thread Bastien ROUCARIES
On Sat, Jun 3, 2017 at 6:13 PM, Pirate Praveen <prav...@debian.org> wrote: > On Sat, 27 May 2017 15:34:07 +0200 Bastien ROUCARIES > <roucaries.bast...@gmail.com> wrote: >> Moreover test suite fail > > Can you push your work to alioth, so others can have a look

Bug#863510: ITP: node-readable-stream -- A stream compatibility library for Node.js and browser

2017-05-27 Thread Bastien ROUCARIES
Package: wnpp Severity: wishlist Owner: ro...@debian.org X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-readable-stream Version : 2.2.9 Upstream Author : FIX_ME upstream author * URL : https://github.com/nodejs/readable-stream#readme * License

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-05-27 Thread Bastien ROUCARIES
Moreover test suite fail On Sat, May 27, 2017 at 2:31 PM, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > control: forwarded -1 > https://github.com/crypto-browserify/browserify-aes/issues/43 > > On Sat, May 27, 2017 at 2:23 PM, Bastien ROUCARIES > <roucaries.

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-05-27 Thread Bastien ROUCARIES
control: forwarded -1 https://github.com/crypto-browserify/browserify-aes/issues/43 On Sat, May 27, 2017 at 2:23 PM, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > Hi, > > On Wed, May 24, 2017 at 5:27 PM, Bastien ROUCARIES > <roucaries.bast...@gmail.com> wrote:

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-05-27 Thread Bastien ROUCARIES
Hi, On Wed, May 24, 2017 at 5:27 PM, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > On Wed, May 24, 2017 at 8:22 AM, Pirate Praveen <prav...@debian.org> wrote: >> On Thu, 11 May 2017 16:02:36 +0200 Bastien ROUCARIES >> <roucaries.bast...@gmail.com> wr

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-05-24 Thread Bastien ROUCARIES
On Wed, May 24, 2017 at 8:22 AM, Pirate Praveen <prav...@debian.org> wrote: > On Thu, 11 May 2017 16:02:36 +0200 Bastien ROUCARIES > <roucaries.bast...@gmail.com> wrote: >> * Package name: node-browserify-aes > > Are you stuck with this module? Can I take it? S

Bug#863125: A crafted file revealed an assertion failure in blob.c.

2017-05-22 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#863126: Check for EOF conditions for RLE image format

2017-05-22 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 Waiting for CVE origin:

Bug#863124: A crafted file revealed an assertion failure in profile.c.

2017-05-22 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#863123: Specially crafted arts file could lead to memory leak

2017-05-22 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#863067: imagemagick: should depend on librsvg2-bin

2017-05-21 Thread Bastien ROUCARIES
Version: 8:6.9.7.4+dfsg-8 On Sun, May 21, 2017 at 10:40 AM, Shanavas M wrote: > Package: imagemagick > V > Severity: important > > Imagemagick fails on svg files if librsvg2-bin is not installed. So > imagemagick > should depend on librsvg2-bin No you should install

Bug#862967: Will try tomorrow

2017-05-21 Thread Bastien ROUCARIES
Hi, I plan to release a stable version tomorrow Bastien

Bug#862690: Found in unstable/testing/stable

2017-05-16 Thread Bastien ROUCARIES
control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4

Bug#862653: CVE-2017-8765

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862637: CVE-2017-8830

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862636: CVE-2017-8357

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862634: CVE-2017-8355

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862635: CVE-2017-8356

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862633: CVE-2017-8354

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862632: CVE-2017-8353

2017-05-15 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862590: CVE-2017-8352

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862589: CVE-2017-8351

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862587: CVE-2017-8350

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862578: CVE-2017-8348

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862579: CVE-2017-8349

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862577: CVE-2017-8347

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862575: CVE-2017-8346

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862572: CVE-2017-8343: he ReadAAIImage function in aai.c allows attackers to cause a denial of service (memory leak) via a crafted file.

2017-05-14 Thread Bastien ROUCARIES
Package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862574: CVE-2017-8344

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862573: CVE-2017-8345

2017-05-14 Thread Bastien ROUCARIES
package: src:imagemagick Version: 8:6.9.7.4+dfsg-6 Severity: important Tags: security X-Debbugs-CC: t...@security.debian.org control: found -1 8:6.8.9.9-5+deb8u8 control: found -1 8:6.7.7.10-5+deb7u13 control: found -1 8:6.7.7.10-5+deb7u4 forwarded:

Bug#862440: m4/ax_python.m4 should list recent python3.x versions

2017-05-13 Thread Bastien ROUCARIES
On Fri, May 12, 2017 at 7:17 PM, Matthias Klose wrote: > Packag: src:autoconf-archive > Version: 20160916-1 > Severity: important > Tags: sid buster > User: debian-pyt...@lists.debian.org > Usertags: python3.6 > > m4/ax_python.m4 should list recent python3.x versions up to 3.3.

Bug#862339: ITP: node-browserify-aes -- aes cipher in pure javascript

2017-05-11 Thread Bastien ROUCARIES
Package: wnpp Severity: wishlist Owner: ro...@debian.org X-Debbugs-CC: debian-de...@lists.debian.org * Package name: node-browserify-aes Version : 1.0.6 Upstream Author : * URL : https://github.com/crypto-browserify/browserify-aes * License : Expat

Bug#861812: ITP: node-evp-bytestokey -- secure key derivation algorithm from openssl

2017-05-11 Thread Bastien ROUCARIES
Uploaded On Thu, May 11, 2017 at 8:12 AM, Pirate Praveen <prav...@debian.org> wrote: > On Thu, 4 May 2017 11:50:59 +0200 Bastien ROUCARIES > <roucaries.bast...@gmail.com> wrote: >> * Package name: node-evp-bytestokey > > Any difficulty with the package?

Bug#860735: CVE-2017-7942: memory leak in avs does not affect old version

2017-05-05 Thread Bastien ROUCARIES
control: notfound -1,8:6.6.0.4-3 control: notfound -1 8:6.7.7.10-5 control: notfound -1 8:6.8.9.9-5 control: notfound -1 8:6.8.9.9-5+deb8u8 control: notfound -1 8:6.7.7.10-5+deb7u13 > > Due to code change not affected

<    1   2   3   4   5   6   7   8   9   10   >